Author Topic: Browser's In General.  (Read 31071 times)

0 Members and 1 Guest are viewing this topic.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Browser's In General.
« Reply #60 on: May 06, 2013, 08:53:25 AM »
IE has the Smart Screen Filter which does a very good job of filtering out bad websites and downloads. Many reviews are rating the new IE versions as the most secure of all the browsers.

Yes, if you're happy with Microsoft looking at every web site you visit, but there's also evidence that it blocks too many legitimate downloads.

http://dontsurfinthenude.blogspot.co.uk/2011/08/microsofts-bad-reputations.html
I've never had anything like that happen and even if it does, you can choose to ignore the warning.

1) If 30-75% of warnings are false positives, users get into the habit of ignoring the warning, which is not good for security.

2) A 30-75% false positive rate would be totally unacceptable for an anti-virus program, and if avast was falsely detecting that number of legitimate files as malware, users would be screaming blue murder.

3) Microsoft is gaining its rating as "most secure" by damaging the business of legitimate web sites by wrongly flagging their files as malware. If Firefox did this, you'd be screaming blue murder.
I don't believe for one second that the false positive rate is anywhere near that high. I doubt if overall, it even hits 10%. The article posted only talks about a very limited number of sites. Sites that most people would never visit in the first place.

Frankly what you believe emerges from your own posterior.
Was that really called for? I request moderator action here. At least a warning.

In my opinion, yes. Nothing you write on browser security takes any account of the evidence- it is based only on your political bias.

The post above says that more concisely.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Browser's In General.
« Reply #61 on: May 06, 2013, 09:20:06 AM »
I searched for other info regarding false positives by the SmartScreen filter and everything I find says it's unlikely and happens only occasionally, certainly not 30% of the time. I personally have only seen it happen for things that are brand new and unsigned. I don't consider that a problem at all since Comodo will also automatically sandbox things like that.  Even Norton would flag such things as suspicious.

You didn't look at my original link then, because there's a quote from Sophos giving the 30-75% figure.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33442
  • malware fighter
Re: Browser's In General.
« Reply #62 on: May 06, 2013, 11:28:44 AM »
Because of this https://community.rapid7.com/community/metasploit/blog/2013/05/05/department-of-labor-ie-0day-now-available-at-metasploit
the XP user community is strongly advised to use an alternative browser like firefox or chrome, because they are stuck with IE8 and cannot upgrade their Blue E! changing ActiveX settings won't settle the problem with the exploit as MS originally advised...XP users are left out in the cold or have to switch browsers....

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Dch48

  • Guest
Re: Browser's In General.
« Reply #63 on: May 06, 2013, 12:14:51 PM »
I searched for other info regarding false positives by the SmartScreen filter and everything I find says it's unlikely and happens only occasionally, certainly not 30% of the time. I personally have only seen it happen for things that are brand new and unsigned. I don't consider that a problem at all since Comodo will also automatically sandbox things like that.  Even Norton would flag such things as suspicious.

You didn't look at my original link then, because there's a quote from Sophos giving the 30-75% figure.
As I said, that's one article referring to a very small number of sites that nobody visits anyway. It does not show figures for overall browser usage where every other article says the false positives are unlikely and occasional at worst. I would have to say that any perceived "political bias" ( I have no idea how politics enter the question) pales in comparison to the anti Microsoft bias blatantly evident in your (and a few others) posts. Not to mention the hostile confrontational attitude that is displayed so frequently.
« Last Edit: May 06, 2013, 12:18:06 PM by Dch48 »

Dch48

  • Guest
Re: Browser's In General.
« Reply #64 on: May 06, 2013, 12:26:47 PM »
Because of this https://community.rapid7.com/community/metasploit/blog/2013/05/05/department-of-labor-ie-0day-now-available-at-metasploit
the XP user community is strongly advised to use an alternative browser like firefox or chrome, because they are stuck with IE8 and cannot upgrade their Blue E! changing ActiveX settings won't settle the problem with the exploit as MS originally advised...XP users are left out in the cold or have to switch browsers....

polonus
That's interesting but we were discussing IE9 and 10 here. I may make Chrome the default on my XP machine again but I very rarely go online with it any more and only use it for playing legacy games that don't establish connections. Chrome is definitely faster than IE8 but not, in my experience, than 9 or 10. I just greatly prefer the interfaces of IE, especially the download and favorites (bookmarks) handling. Those two things are the main reasons why I will continue to use IE.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33442
  • malware fighter
Re: Browser's In General.
« Reply #65 on: May 06, 2013, 12:38:20 PM »
Hi Dch48,

Enjoy, but keep all your software fully updated and patched. I always used this software with IE, namely  -IE cache explorer -, a few clicks and I feel more secure. Delete Cookies, Delete History, Delete IE Files. Simple proggie but great to have next to IE....and Microsoft FixIt Centre, I do a scan occasionally...

greets,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Dch48

  • Guest
Re: Browser's In General.
« Reply #66 on: May 06, 2013, 01:09:56 PM »
Hi Dch48,

Enjoy, but keep all your software fully updated and patched. I always used this software with IE, namely  -IE cache explorer -, a few clicks and I feel more secure. Delete Cookies, Delete History, Delete IE Files. Simple proggie but great to have next to IE....and Microsoft FixIt Centre, I do a scan occasionally...

greets,

polonus
CCleaner does a good job of removing all those things and lets me keep the cookies I don't want deleted. Of course I keep everything updated.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Browser's In General.
« Reply #67 on: May 06, 2013, 11:24:49 PM »
I searched for other info regarding false positives by the SmartScreen filter and everything I find says it's unlikely and happens only occasionally, certainly not 30% of the time. I personally have only seen it happen for things that are brand new and unsigned. I don't consider that a problem at all since Comodo will also automatically sandbox things like that.  Even Norton would flag such things as suspicious.

You didn't look at my original link then, because there's a quote from Sophos giving the 30-75% figure.
As I said, that's one article referring to a very small number of sites that nobody visits anyway. It does not show figures for overall browser usage where every other article says the false positives are unlikely and occasional at worst. I would have to say that any perceived "political bias" ( I have no idea how politics enter the question) pales in comparison to the anti Microsoft bias blatantly evident in your (and a few others) posts. Not to mention the hostile confrontational attitude that is displayed so frequently.

Do you have any evidence that this is a "very small number of sites that nobody visits anyway", or did you just pull that fact from your rear too?

What would you say to this guy? Nobody visits your site anyway?

Quote
Ever since the release of Internet Explorer 9, we (and other smaller sites) have been plagued by visitors who, when they attempt to download our stationery files, see a strong warning in Internet Explorer 9 about downloading and installing our files. This is worrisome. Even visitors who have been downloading our stationery for over a decade are writing and expressing their concern about the safety of our files.

http://dontsurfinthenude.blogspot.co.uk/2011/08/microsofts-bad-reputations.html

These are Microsoft's own figures for false positives.

My comments are based on evidence. Yours on meaningless subjective comments, like "it hasn't affect me, so it can't be a problem".

Bias? Confrontational?

I wouldn't use Firefox if they paid me to.

Projection.

http://en.wikipedia.org/wiki/Psychological_projection

You have no idea how politics enters the question?

Here's a post very similar to yours, the signature of which makes it very clear.

Anything has to be better than FF. ::)
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 46573
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Browser's In General.
« Reply #68 on: May 06, 2013, 11:42:20 PM »
What started as a question asked by YellowFox now seems to have turned into a
battle royal between Dch48 and FreewheelinFrank.
Maybe it's time to get back on topic ???
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, Avast One 21.11, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33442
  • malware fighter
Re: Browser's In General.
« Reply #69 on: May 06, 2013, 11:59:31 PM »
Hi bob3160,

I agree with you here we better should get back on topic. But apart from that I found this Dch48 versus FwF intermezzo very educating, because it "explores" sorry for that word, the duality of the way users from these two "camps" look against and appreciate browsers and browser software. The way Dch48 and  FwF expose their differences is profound to a point where it almost gets "painful" - everybody can now decide where he stands. I would not have liked to have missed it as it again stressed some points for me and also presented these in a different way. Thank you Dch4 and FwF for that,

polonus
« Last Edit: May 07, 2013, 12:02:02 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Dch48

  • Guest
Re: Browser's In General.
« Reply #70 on: May 07, 2013, 12:31:41 AM »
Quote


What would you say to this guy? Nobody visits your site anyway?

Quote
Ever since the release of Internet Explorer 9, we (and other smaller sites) have been plagued by visitors who, when they attempt to download our stationery files, see a strong warning in Internet Explorer 9 about downloading and installing our files. This is worrisome. Even visitors who have been downloading our stationery for over a decade are writing and expressing their concern about the safety of our files
Since it is by admission a small site that few people visit, it hardly represents the overall browsing experience.

I see no figures given by Microsoft as to a false positive percentage and I also say there are no politics involved.

My statements are based on a wider sampling than just a few minor sites and not only on my own experience.

I agree that this needs to end  so I'm done with this particular thread. My opinions and preferences remain unchanged though. As I have said before, I refuse to let the malware writing scum dictate how I use my computer so I will continue to use things I like and find convenient. I will browse with IE and I will not disable things like Autorun, UPnP, Flash, and Java just because of a remote possibility they could be compromised, I trust Microsoft and the others to patch vulnerabilities like they always have in the past.
« Last Edit: May 07, 2013, 05:12:16 PM by Dch48 »

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Browser's In General.
« Reply #71 on: May 07, 2013, 07:50:33 AM »


What would you say to this guy? Nobody visits your site anyway?

Quote
Ever since the release of Internet Explorer 9, we (and other smaller sites) have been plagued by visitors who, when they attempt to download our stationery files, see a strong warning in Internet Explorer 9 about downloading and installing our files. This is worrisome. Even visitors who have been downloading our stationery for over a decade are writing and expressing their concern about the safety of our files
Since it is by admission a small site that few people visit, it hardly represents the overall browsing experience.

I see no figures given by Microsoft as to a false positive percentage and I also say there are no politics involved.

My statements are based on a wider sampling than just a few minor sites and not only on my own experience.

I agree that this needs to end  so I'm done with this particular thread. My opinions and preferences remain unchanged though. As I have said before, I refuse to let the malware writing scum dictate how I use my computer so I will continue to use things I like and find convenient. I will browse with IE and I will not disable things like Autorun, UPnP, Flash, and Java just because of a remote possibility they could be compromised, I trust Microsoft and the others to patch vulnerabilities like they always have in the past.

Here's the link, as you were unable to find it on the Sophos blog:

http://blogs.msdn.com/b/ie/archive/2011/05/17/smartscreen-174-application-reputation-in-ie9.aspx

Quote
On any given day, clicking through the “unknown warning” carries a risk between 25% and 70% of malware infection

So 30-75% of the time, when you see a warning, it's a false positive, by Microsoft's admission.

Quote
Since it is by admission a small site that few people visit, it hardly represents the overall browsing experience.

Is this really the attitude you would take if Firefox or Chrome did something like this? Like I said, I'm pretty sure you'd be screaming blue murder.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Dch48

  • Guest
Re: Browser's In General.
« Reply #72 on: May 07, 2013, 05:23:33 PM »
Quote
Quote

On any given day, clicking through the “unknown warning” carries a risk between 25% and 70% of malware infection



So 30-75% of the time, when you see a warning, it's a false positive, by Microsoft's admission.
That's your proof? That's a very interesting twist you take on something that actually proves how good the system is. This is only for new and unknown things that don't have a sufficient reputation built up. Many of the modern security suites will also flag those things as suspicious, including Norton and Comodo. I do not see that as a problem at all. Especially since you can ignore the warning for things you know to be safe. I'd rather get those warnings than not. It is not a positive detection, false or otherwise. Nothing gets automatically fully blocked by SmartScreen unless it is definitely known to be bad.

Microsoft's official position is that SmartScreen is extremely accurate and actual false positives (full blocks) are extremely unlikely.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 46573
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Browser's In General.
« Reply #73 on: May 07, 2013, 06:04:16 PM »
Can we please get back on topic ???
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, Avast One 21.11, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

YellowFox

  • Guest
Re: Browser's In General.
« Reply #74 on: May 07, 2013, 06:21:29 PM »
I made this thread for use on saying some good addons for Chrome and Firefox not for starting the mother of all flamewars. Weather IE is good or not doesn't matter this isn't meant for arguments it's meant for talking about good things you can add to your browser to help with productivity and security. No-Script is good but is there anything better that doesn't slow browsing so drastically also is there anything for chrome that does the same sort of thing?